You’re thinking about moving from an on-premises data center—a domain that you manage—to a cloud environment. From ransomware to data recovery, there’s a lot to consider, so it’s important to ask the right questions. How secure is your managed service provider? Who can access your data in a multitenant environment? How fast can you access backup data? What are your governance responsibilities for the data under your care? How do you build applications in the cloud?
Although on-premises data centers may have fewer systems and more access control, the brick-and-mortar model can limit your capabilities and slow you down. It’s all about balance: capitalizing on the best the cloud has to offer, while maintaining the integrity of your systems and your data security, with no slow-downs and no loss of performance.
It takes a solid understanding of your data, the cloud environment, and the risks involved—and that’s a breeze when a trusted partner with the tools and resources to optimize your cloud experience has your back.
In the early days of the cloud, adopters used it for cost-effective data storage and disaster recovery and backup—a lot of people still do. Putting your data in the cloud means no tapes and no offline storage, and it means faster disaster recovery response and storage elasticity that physical backups can’t match. But as investments in the public cloud continue to increase rapidly, more organizations target the cloud for the majority of their IT strategy. Businesses are turning to the cloud for larger, more complex uses.
As companies look to expand and migrate to the cloud, IT teams are incorporating cloud infrastructure experience as part of their day to day. They’re shifting applications to the cloud and building new applications on modern architecture. The cloud is continually becoming a more popular destination for business-critical applications. However, throughout these shifts, it’s important to understand that although data centers and cloud environments share many common principles, some security and protection issues may require extra attention when moved into someone else’s data center.
When you’re in the cloud, chances are you’re working with multiple storage vendors to best meet your needs. That’s a smart strategy, but managing it all can be a headache. At NetApp, we learned early on that, rather than trying spin up our own cloud, we’d be better off partnering with the public cloud providers to offer our unique value on top of what they deliver to the market. We’ve created technologies that span multiple vendors to help our customers optimize their unique cloud experience.
No matter where your data resides, things like secure data access and user authentication, copy data management for backup and disaster recovery, effective data governance, and encryption technologies must all be properly managed. You spent hours putting your comic books in protective sleeves and you don’t store them in the leaky attic. Your data is even more important, so put the time in now to give it the best protection you can.
As far as governance is concerned, you’re still responsible for the protection and security of your data—and your customers’ data—even though it’s sitting in someone else’s data center. Solutions such as NetApp® Cloud Data Sense allow users to scan their data, identify what’s sensitive, and verify who has permissions, helping to make sure that the right people have access and the wrong people don’t.
It’s also important to understand that building applications in the cloud is different from using the cloud. When it comes to applications like Salesforce, point-of-sale-type retail applications, or healthcare portals, you rely on software vendors to maintain app security. When an organization is building an application in the cloud and configuring infrastructure for it in the cloud, they must take into consideration things like networking and authentication and how to build a secure application.
And speaking of security, data must be secure when it’s in the cloud, on its way there, and every time you access it, so encryption, data access, user account authentication, and multifactor authentication (MFA) all become very important.
Do ransomware and phishing threats—even the actions of rogue admins or insider threats—keep you awake at night? You’re not the only one. When asked about their top cybersecurity concern, 57% of executives named ransomware and data breaches. Malicious actors and other threat sources can hold your data for ransom, delete your backups, and/or target sensitive data with the intent to extort or do damage. These threats can be costly to your time, your bottom line, and your brand. And the more data you have, the harder it is to manually monitor who is accessing what, from where, and whether or not it’s regular behavior. Here at NetApp, our cyber resilience strategies are designed to help you to rest easier at night knowing that you, and your data, are tucked in safe.
I get it. Keeping your data and applications optimized and secure when you’re moving them to the cloud can feel like a lot. But that’s what we’re here for. We’re the partner that understands the threats, knows how to protect against them, and knows how to make the process easier with automation and built-in cloud solutions. NetApp has the resources to help you protect, detect, and recover your data. We call it cyber resilience.
You need to know your data: what it is, where it is, whether it’s crossing borders, whether it uses sensitive and identifying information like credit cards or social security numbers, and whether it complies with regulations. But with an ever-increasing amount of data, that’s a lot to stay on top of. Automation is the solution. Again, NetApp Cloud Data Sense is designed to scour through almost any object or file datastore and keep tabs on your data.
If your data is behaving strangely, you need to flag it, assess the ransomware threat level, and evaluate whether to deal with the issue. However, as your datastores grow, and threats get smarter, it’s trickier to catch strange behavior in your file storage system. We’ve leveraged emerging AI technology as part of the NetApp ONTAP® platform to create autonomous ransomware protection that detects threats early, alerts admins, and creates automatic backups for rapid recovery.
When it comes to data center versus cloud, it’s not about which one is more secure—they can both have security issues. It’s about management.
The prevailing sense might be that on-premises data centers are more secure than the cloud, but the evidence doesn’t support that. It’s actually user configuration and management of the environment that has the biggest impact. Even if you configure infrastructure in the cloud, you’ll have to set up virtual networks and virtual clouds—virtual elements of what you would have to do on premises. And if you don’t do that correctly, then your organization will find itself with a security hole whether you’re on premises or in the cloud.
The decision to move to the cloud shouldn’t depend on security fears. It should depend on the nature of your business and on understanding where you can benefit from cloud efficiencies and optimizations. On premises isn’t going to disappear, but you can’t ignore the capabilities of cloud and how it can help your company.
Here at NetApp, we’ve been doing this for a long time. More than 30 years of experience protecting data has given us the know-how to deliver unique value to your cloud experience. And in a world of growing threats, we use built-in, data-centric cyber resilience tools, automation, and comprehensive solutions to help customers thwart cybersecurity threats and data loss across their entire hybrid cloud, orchestrating response and recovery, all without degrading performance.
With NetApp in your corner, you’re safe and sound in the cloud.
Read Data protection: Unfear the failure to learn more about how NetApp keeps your data safe and secure.
Jason is a business and marketing professional with over 20 years of product marketing, product management, and corporate finance experience. Since joining NetApp in 2008 he has been focused on SAN and NAS storage, backup and disaster recovery solutions, and cloud data services. When not in the office, you can find him cycling, cooking, enjoying time with family, and volunteering at his church and in the community.